Hybrid Cloud Complicates Enterprise and Network Security

Organizations are struggling to keep up with network security operations at a time when data breaches and cyber attacks are on the rise, according to new research by Enterprise Strategy Group (ESG) commissioned by security technology company Tuflin.

Fifty-seven percent of IT leaders feel that network security operations is more difficult today than two years ago, according to a survey of 150 IT and information security professionals in North America, conducted in March 2015. The reasons? The increase in hybrid cloud adoption as well as the rise of network-connected devices and traffic.

Security teams revealed they face an uphill battle that’s complicated by public and private cloud environments, a large number of firewalls, and numerous application deployments.

“The data from our conversations with IT and security professionals paints a concerning picture of network security operations challenges, confusion and missteps,” Reuven Harrison, CTO at Tuflin, said in a statement.

“As innovations like hybrid cloud environments, business applications and security products have created benefits for organizations, they have also created a complex environment for security teams,” Harrison said. “It’s critical that organizations create strong security policies and use automation in order to reduce the errors associated with today’s complicated IT environments, helping to reduce the likelihood of successful cyber attacks and business down time.”

A majority of survey respondents (67%) have implemented a private cloud within their environment and 91% say they will greatly increase their use of infrastructure-as-a-service/platform-as-a-service over the next two years. This rate of cloud adoption has caused organizations to rethink their security plans, and a significant number of survey respondents indicated that the support of cloud initiatives has become the primary driver of their organization’s network security operations strategy.

Despite this, only one-third of organizations currently using public cloud computing services and/or private cloud infrastructure have created formal security policies for their use of public/private cloud infrastructure. This indicates that many organizations are not properly securing their cloud environment, the report says.